It may be the summer holidays for many, but not in the world of cybercrime. August has been a busy month of incidents, with attacks hitting schools, wildlife parks, airports and many other sectors. Here’s a summary of some of the top incidents making the news this month.
Essex infant school cyberattack
Canvey Island Infant School in Essex experienced a cyberattack over the summer holidays, compromising its IT system. The school, which serves children aged five to seven, is said to have reported the incident to the National Cyber Security Centre.
As a result of the attack, the school lost access to email communication, and parents have been encouraged to leave voicemails if they need to contact the school. Essex County Council is aware of the incident and is providing support. It remains unclear if any sensitive information has been compromised.
Since the attack, teachers have been unable to access essential resources, leading the headteacher to make the difficult decision to close the school for an extra day on Tuesday, 3rd September, to allow time for system restoration and preparation for the new term. Parents have been assured that IT staff are working hard to resolve the issue and that significant progress has been made.
Ransomware attack on major poultry producer
A major poultry producer in Norfolk, Banham Poultry, suffered a suspected ransomware attack on 18th August. Cybercriminals remotely accessed the company's IT system and stole the personal details of its staff. The compromised data includes sensitive information such as National Insurance numbers, copies of passports, and bank details. The company employs around 600 people and has responded by providing its staff with advice, credit monitoring, and fraud detection services.
Following the attack, Banham Poultry immediately shut down its systems and sought support from external forensic specialists to investigate the attack. The company has shared with staff that currently, there is no evidence of the stolen data being used maliciously, but they acknowledge there is a small risk if the data is published on the dark web.
The attack is believed to have involved a group called RansomHub. This incident appears to be part of a broader trend of ransomware attacks affecting major employers in Norfolk, including previous attacks on Norfolk and Norwich University Hospital, Roys of Wroxham, and Wymondham College.
Increase in attacks on law firms
A recent study reveals a significant increase in cyberattacks on UK law firms in the last year, increasing from 538 to 954 attacks from the previous year. The study shows that criminals are increasingly targeting law firms due to the sensitive personal and financial information they hold, which can then be sold on the dark web or used for blackmail.
Lubbock Fine (chartered accountants) partner Mark Turner highlighted the value of law firm's data and how it makes them attractive to cybercriminals. Firms can often be locked out of their systems until a ransom is paid. A recent report from the NCSC shared that nearly 75% of the top 100 UK law firms have been affected by cybercrime.
Turner emphasised the need for law firms to implement more robust cyber defences, such as segregating data across different departments, teams, and clients, to help better protect against these threats.
Seattle Airport
Seattle-Tacoma International Airport suffered a major tech outage this month, which is believed to be the result of a cyberattack. Airport operations were severely disrupted, with the initial outage beginning on 24th August. The attack affected critical airport systems, including flight information displays and baggage tracking, resulting in severe delays and cancellations.
SeaTac’s Aviation Management Director, Lance Lyttle, stated that efforts are ongoing to restore necessary systems and minimise the impact on passengers. Major airlines like Delta and Alaska Airlines have avoided severe disruptions, but smaller airlines have been hit hard, with some having to issue tickets and cancel flights manually.
The baggage sorting system was particularly affected, forcing Alaska Airlines staff to sort over 7,000 bags manually. The airport's investigation, involving the Transportation Security Administration (TSA) and FBI, has yet to reveal the source of the attack. A spokesperson for SeaTac mentioned that suspicious activity was detected early on Saturday, prompting the airport to shut down its entire system as a precaution.
Wildlife park advises customers to cancel cards
Fota Wildlife Park in Cork recently experienced a cyberattack, which led to warnings for customers who purchased tickets online between 12th May and 27th August.
The park has advised customers to cancel their debit or credit cards and monitor transactions for any suspicious activity, as their financial information may have been compromised. Users with accounts on Fota's website were also urged to change their passwords because usernames, passwords, and emails linked to them may have also been accessed.
After discovering the breach, Fota Wildlife Park immediately launched an investigation, removed access to user accounts on its website, and engaged external cybersecurity experts to assess the damage. The incident has been reported to the Data Protection Commission, and Fota is cooperating fully with the investigation. In a statement, Fota assured customers that protecting their personal and financial information is a top priority and that day-to-day operations at the park continue as usual.
Cybersecurity for the channel
At Brigantia, we’re dedicated to providing our partners with the latest information and cybersecurity solutions to address the latest threats. Working with our partners, we protect organisations against the changing threat landscape.
Contact our team to learn about our vendor portfolio or how we work with channel partners.